Checkmk git commits November 2016

checkmk-commits@lists.checkmk.com

9 participants
299 discussions

by Sven Panne

Module: check_mk Branch: master Commit: f83f9a277c4b9399f2da307e036dc2ab518141f6 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=f83f9a277c4b93… Author: Sven Panne <sp(a)mathias-kettner.de> Date: Tue Nov 8 11:24:42 2016 +0100 Make IWYU happy again --- livestatus/src/Store.cc | 1 + 1 file changed, 1 insertion(+) diff --git a/livestatus/src/Store.cc b/livestatus/src/Store.cc index 8890e2c..24d4380 100644 --- a/livestatus/src/Store.cc +++ b/livestatus/src/Store.cc @@ -27,6 +27,7 @@ #include <cstring> #include <ctime> #include <ostream> +#include <memory> #include <utility> #include <vector> #include "EventConsoleConnection.h"

7 years, 10 months

Revert "Test commit for IWYU on Jenkins"

by Sven Panne

Module: check_mk Branch: master Commit: 6ccbcbd91ead66ba1aefe915a1ae70013c01accf URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=6ccbcbd91ead66… Author: Sven Panne <sp(a)mathias-kettner.de> Date: Tue Nov 8 11:23:10 2016 +0100 Revert "Test commit for IWYU on Jenkins" This reverts commit 3075e068d513b7da33296fb149140bb49541219b. --- livestatus/src/AndingFilter.cc | 1 - livestatus/src/ColumnsColumn.h | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/livestatus/src/AndingFilter.cc b/livestatus/src/AndingFilter.cc index f22ea9a..290ad43 100644 --- a/livestatus/src/AndingFilter.cc +++ b/livestatus/src/AndingFilter.cc @@ -23,7 +23,6 @@ // Boston, MA 02110-1301 USA. #include "AndingFilter.h" -#include <set> #include "Filter.h" using std::string; diff --git a/livestatus/src/ColumnsColumn.h b/livestatus/src/ColumnsColumn.h index d7e0c1c..3ce9215 100644 --- a/livestatus/src/ColumnsColumn.h +++ b/livestatus/src/ColumnsColumn.h @@ -28,7 +28,7 @@ #include "config.h" // IWYU pragma: keep #include <string> #include "StringColumn.h" -#include "TableColumns.h" +class TableColumns; #define COLCOL_TABLE 1 #define COLCOL_NAME 2

7 years, 10 months

Test commit for IWYU on Jenkins

by Sven Panne

Module: check_mk Branch: master Commit: 3075e068d513b7da33296fb149140bb49541219b URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=3075e068d513b7… Author: Sven Panne <sp(a)mathias-kettner.de> Date: Tue Nov 8 11:09:13 2016 +0100 Test commit for IWYU on Jenkins --- livestatus/src/AndingFilter.cc | 1 + livestatus/src/ColumnsColumn.h | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/livestatus/src/AndingFilter.cc b/livestatus/src/AndingFilter.cc index 290ad43..f22ea9a 100644 --- a/livestatus/src/AndingFilter.cc +++ b/livestatus/src/AndingFilter.cc @@ -23,6 +23,7 @@ // Boston, MA 02110-1301 USA. #include "AndingFilter.h" +#include <set> #include "Filter.h" using std::string; diff --git a/livestatus/src/ColumnsColumn.h b/livestatus/src/ColumnsColumn.h index 3ce9215..d7e0c1c 100644 --- a/livestatus/src/ColumnsColumn.h +++ b/livestatus/src/ColumnsColumn.h @@ -28,7 +28,7 @@ #include "config.h" // IWYU pragma: keep #include <string> #include "StringColumn.h" -class TableColumns; +#include "TableColumns.h" #define COLCOL_TABLE 1 #define COLCOL_NAME 2

7 years, 10 months

Use our own iwyu_tool variant.

by Sven Panne

Module: check_mk Branch: master Commit: 02cd19fb4408d183abdd7ce61f7448c436ea9347 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=02cd19fb4408d1… Author: Sven Panne <sp(a)mathias-kettner.de> Date: Tue Nov 8 11:00:50 2016 +0100 Use our own iwyu_tool variant. --- Makefile | 4 +- tests/iwyu_tool_jenkins.py | 214 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 216 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 2ad28da..30f250f 100644 --- a/Makefile +++ b/Makefile @@ -40,7 +40,7 @@ CLANG_TIDY := clang-tidy-$(CLANG_VERSION) SCAN_BUILD := scan-build-$(CLANG_VERSION) CPPCHECK := cppcheck DOXYGEN := doxygen -IWYU_TOOL := iwyu_tool.py +IWYU_TOOL := tests/iwyu_tool_jenkins.py BEAR := bear # File to pack into livestatus-$(VERSION).tar.gz @@ -297,7 +297,7 @@ tidy: compile_commands.json # Not really perfect rules, but better than nothing iwyu: compile_commands.json - @$(IWYU_TOOL) -p . + @$(IWYU_TOOL) --clang-style -p . # Not really perfect rules, but better than nothing analyze: livestatus/config.h diff --git a/tests/iwyu_tool_jenkins.py b/tests/iwyu_tool_jenkins.py new file mode 100755 index 0000000..ef42b65 --- /dev/null +++ b/tests/iwyu_tool_jenkins.py @@ -0,0 +1,214 @@ +#!/usr/bin/env python + +""" Driver to consume a Clang compilation database and invoke IWYU. + +Example usage with CMake: + + # Unix systems + $ mkdir build && cd build + $ CC="clang" CXX="clang++" cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON ... + $ iwyu_tool.py -p . + + # Windows systems + $ mkdir build && cd build + $ cmake -DCMAKE_CXX_COMPILER="%VCINSTALLDIR%/bin/cl.exe" \ + -DCMAKE_C_COMPILER="%VCINSTALLDIR%/VC/bin/cl.exe" \ + -DCMAKE_EXPORT_COMPILE_COMMANDS=ON \ + -G Ninja ... + $ python iwyu_tool.py -p . + +See iwyu_tool.py -h for more details on command-line arguments. +""" + +import os +import sys +import json +import argparse +import subprocess +import re + + +CORRECT_RE = re.compile(r'^$(.*?) has correct #includes/fwd-decls$$') +SHOULD_ADD_RE = re.compile(r'^(.*?) should add these lines:$') +SHOULD_REMOVE_RE = re.compile(r'^(.*?) should remove these lines:$') +FULL_LIST_RE = re.compile(r'The full include-list for (.*?):$') +END_RE = re.compile(r'^---$') +LINES_RE = re.compile(r'.*// lines ([0-9]+)-[0-9]+$') + + +GENERAL, ADD, REMOVE, LIST = range(4) + + +def process_output(output): + """ Process iwyu's output into something clang-like. """ + state = (GENERAL, None) + for line in output: + match = CORRECT_RE.match(line) + if match: + print('%s has correct #includes/fwd-decls' % match.groups(1)) + continue + match = SHOULD_ADD_RE.match(line) + if match: + state = (ADD, match.group(1)) + continue + match = SHOULD_REMOVE_RE.match(line) + if match: + state = (REMOVE, match.group(1)) + continue + match = FULL_LIST_RE.match(line) + if match: + state = (LIST, match.group(1)) + print('%s:1:1: error: full include list follows' % state[1]) + elif END_RE.match(line): + state = (GENERAL, None) + elif state[0] != GENERAL and not line.strip(): + continue + elif state[0] == ADD: + print('%s:1:1: error: add the following line' % state[1]) + print(line) + elif state[0] == REMOVE: + match = LINES_RE.match(line) + line_no = match.group(1) if match else '1' + print('%s:%s:1: error: remove the following line' % (state[1], line_no)) + print(line[2:]) + else: + print(line) + + +def get_output(cwd, command): + """ Run the given command and return its output as a string. """ + process = subprocess.Popen(command, + cwd=cwd, + shell=True, + stdout=subprocess.PIPE, + stderr=subprocess.STDOUT) + return process.communicate()[0].decode("utf-8").splitlines() + + +def run_iwyu(cwd, compile_command, iwyu_args, verbose, clang_style): + """ Rewrite compile_command to an IWYU command, and run it. """ + compiler, _, args = compile_command.partition(' ') + if compiler.endswith('cl.exe'): + # If the compiler name is cl.exe, let IWYU be cl-compatible + clang_args = ['--driver-mode=cl'] + else: + clang_args = [] + + iwyu_args = ['-Xiwyu ' + a for a in iwyu_args] + command = ['include-what-you-use'] + clang_args + iwyu_args + command = '%s %s' % (' '.join(command), args.strip()) + + if verbose: + print('%s:' % command) + + output = get_output(cwd, command) + if clang_style: + process_output(output) + else: + print('\n'.join(output)) + + +def main(compilation_db_path, source_files, verbose, clang_style, iwyu_args): + """ Entry point. """ + # Canonicalize compilation database path + if os.path.isdir(compilation_db_path): + compilation_db_path = os.path.join(compilation_db_path, + 'compile_commands.json') + + compilation_db_path = os.path.realpath(compilation_db_path) + if not os.path.isfile(compilation_db_path): + print('ERROR: No such file or directory: \'%s\'' % compilation_db_path) + return 1 + + # Read compilation db from disk + with open(compilation_db_path, 'r') as fileobj: + compilation_db = json.load(fileobj) + + # expand symlinks + for entry in compilation_db: + entry['file'] = os.path.realpath(entry['file']) + + # Cross-reference source files with compilation database + source_files = [os.path.realpath(s) for s in source_files] + if not source_files: + # No source files specified, analyze entire compilation database + entries = compilation_db + else: + # Source files specified, analyze the ones appearing in compilation db, + # warn for the rest. + entries = [] + for source in source_files: + matches = [e for e in compilation_db if e['file'] == source] + if matches: + entries.extend(matches) + else: + print('WARNING: \'%s\' not found in compilation database.' % + source) + + # Run analysis + try: + for entry in entries: + cwd, compile_command = entry['directory'], entry['command'] + run_iwyu(cwd, compile_command, iwyu_args, verbose, clang_style) + except OSError as why: + print('ERROR: Failed to launch include-what-you-use: %s' % why) + return 1 + + return 0 + + +def _bootstrap(): + """ Parse arguments and dispatch to main(). """ + # This hackery is necessary to add the forwarded IWYU args to the + # usage and help strings. + def customize_usage(parser): + """ Rewrite the parser's format_usage. """ + original_format_usage = parser.format_usage + parser.format_usage = lambda: original_format_usage().rstrip() + \ + ' -- [<IWYU args>]' + os.linesep + + def customize_help(parser): + """ Rewrite the parser's format_help. """ + original_format_help = parser.format_help + + def custom_help(): + """ Customized help string, calls the adjusted format_usage. """ + helpmsg = original_format_help() + helplines = helpmsg.splitlines() + helplines[0] = parser.format_usage().rstrip() + return os.linesep.join(helplines) + os.linesep + + parser.format_help = custom_help + + # Parse arguments + parser = argparse.ArgumentParser( + description='Include-what-you-use compilation database driver.', + epilog='Assumes include-what-you-use is available on the PATH.') + customize_usage(parser) + customize_help(parser) + + parser.add_argument('-v', '--verbose', action='store_true', + help='Print IWYU commands') + parser.add_argument('-c', '--clang-style', action='store_true', + help='Use clang-style output format') + parser.add_argument('-p', metavar='<build-path>', required=True, + help='Compilation database path', dest='dbpath') + parser.add_argument('source', nargs='*', + help='Zero or more source files to run IWYU on. ' + 'Defaults to all in compilation database.') + + def partition_args(argv): + """ Split around '--' into driver args and IWYU args. """ + try: + double_dash = argv.index('--') + return argv[:double_dash], argv[double_dash+1:] + except ValueError: + return argv, [] + + argv, iwyu_args = partition_args(sys.argv[1:]) + args = parser.parse_args(argv) + sys.exit(main(args.dbpath, args.source, args.verbose, args.clang_style, iwyu_args)) + + +if __name__ == '__main__': + _bootstrap()

7 years, 10 months

Fixed bandit test paths

by Lars Michelsen

Module: check_mk Branch: master Commit: 13452adba48247488122da3d89fc83e08cab51b3 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=13452adba48247… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Tue Nov 8 09:56:59 2016 +0100 Fixed bandit test paths --- tests/Makefile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/Makefile b/tests/Makefile index 0baa9ae..b66c5bf 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -17,16 +17,16 @@ test-bandit-ci: # Currently only care about high severity reported issues. Once this is # reached, go and enable the medium/low checks. CMK_DIR="$(realpath ..)" ; \ - CMC_DIR="$(realpath ..)" ; \ + CMC_DIR="$(realpath ../../cmc/)" ; \ bandit \ -c "$$CMK_DIR/bandit.yaml" \ -r \ - -f xml -o "$$WORKDIR/bandit_results.xml" \ -lll \ + -f xml -o "$$WORKDIR/bandit_results.xml" \ "$$CMK_DIR" \ - "$$CMK_DIR/checks/*" \ - "$$CMK_DIR/inventory/*" \ - "$$CMC_DIR" + "$$CMK_DIR"/{checks,inventory}/* \ + "$$CMC_DIR" \ + "$$CMC_DIR"/agents/{plugins,bakery}/* test-pylint-ci:

7 years, 10 months

Fixed path issues in test-bandit-ci target

by Lars Michelsen

Module: check_mk Branch: master Commit: 7bf62ec21d29363fe01ae943e01a73b19f240e0f URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=7bf62ec21d2936… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Mon Nov 7 22:00:22 2016 +0100 Fixed path issues in test-bandit-ci target --- tests/Makefile | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/tests/Makefile b/tests/Makefile index b6cbcc9..0baa9ae 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -1,10 +1,11 @@ SHELL=/bin/bash help: - @echo "test - Run all tests" - @echo "test-pylint - Run pylint based tests" - @echo "test-bandit - Run bandit (security) tests" - @echo "setup - Install dependencies" + @echo "test - Run all tests" + @echo "test-pylint - Run pylint based tests" + @echo "test-pylint-ci - Run pylint based tests within Jenkins" + @echo "test-bandit-ci - Run bandit (security) tests within Jenkins" + @echo "setup - Install dependencies" test: py.test @@ -12,17 +13,20 @@ test: test-pylint: py.test -k pylint -test-bandit: +test-bandit-ci: # Currently only care about high severity reported issues. Once this is # reached, go and enable the medium/low checks. + CMK_DIR="$(realpath ..)" ; \ + CMC_DIR="$(realpath ..)" ; \ bandit \ - -c ../bandit.yaml \ + -c "$$CMK_DIR/bandit.yaml" \ -r \ - -f xml -o $$WORKDIR/bandit_results.xml \ + -f xml -o "$$WORKDIR/bandit_results.xml" \ -lll \ - $(realpath ..) \ - $(realpath ..)/{checks,inventory}/* \ - $(realpath ../cmc/) + "$$CMK_DIR" \ + "$$CMK_DIR/checks/*" \ + "$$CMK_DIR/inventory/*" \ + "$$CMC_DIR" test-pylint-ci:

7 years, 10 months

crawl test: detect incomplete runs by comparing number of URLs with last run

by Lars Michelsen

Module: check_mk Branch: master Commit: e0dffc5089059b2cf13a4f66ff0f1af0328bc297 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=e0dffc5089059b… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Mon Nov 7 21:11:23 2016 +0100 crawl test: detect incomplete runs by comparing number of URLs with last run --- tests/web/test_crawl.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/web/test_crawl.py b/tests/web/test_crawl.py index 7d09f93..32a178f 100644 --- a/tests/web/test_crawl.py +++ b/tests/web/test_crawl.py @@ -313,12 +313,21 @@ class TestCrawler(object): def update_total_stats(self, finished): stats = self.stats.setdefault("_TOTAL_", {}) + stats["last_num_visited"] = len(self.visited) stats["last_duration"] = time.time() - self.started stats["last_errors"] = self.errors stats["last_finished"] = finished if finished: + if stats.get("last_finished_num_visited", 0) > 0: + perc = float(stats["last_num_visited"]) * 100 / stats["last_finished_num_visited"] + if perc < 80.0: + self.error("Finished and walked %d URLs, previous run walked %d URLs. That " + "is %0.2f %% of the previous run. Something seems to be wrong." + % (stats["last_num_visited"], stats["last_finished_num_visited"], + perc)) + stats["last_finished_num_visited"] = stats["last_num_visited"] stats["last_finished_duration"] = stats["last_duration"] stats["last_finished_errors"] = stats["last_errors"]

7 years, 10 months

First experiments with bandit security scanner

by Lars Michelsen

Module: check_mk Branch: master Commit: c3eba7ca835c3ec23c7ac5f314ffa5461c6dbf19 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=c3eba7ca835c3e… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Mon Nov 7 21:30:45 2016 +0100 First experiments with bandit security scanner --- bandit.yaml | 161 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ tests/Makefile | 18 ++++++- 2 files changed, 178 insertions(+), 1 deletion(-) diff --git a/bandit.yaml b/bandit.yaml new file mode 100644 index 0000000..5829195 --- /dev/null +++ b/bandit.yaml @@ -0,0 +1,161 @@ + +### Bandit config file generated from: +# '/usr/local/bin/bandit-config-generator -o ../bandit.yaml' + +### This config may optionally select a subset of tests to run or skip by +### filling out the 'tests' and 'skips' lists given below. If no tests are +### specified for inclusion then it is assumed all tests are desired. The skips +### set will remove specific tests from the include set. This can be controlled +### using the -t/-s CLI options. Note that the same test ID should not appear +### in both 'tests' and 'skips', this would be nonsensical and is detected by +### Bandit at runtime. + +# Available tests: +# B101 : assert_used +# B102 : exec_used +# B103 : set_bad_file_permissions +# B104 : hardcoded_bind_all_interfaces +# B105 : hardcoded_password_string +# B106 : hardcoded_password_funcarg +# B107 : hardcoded_password_default +# B108 : hardcoded_tmp_directory +# B109 : password_config_option_not_marked_secret +# B110 : try_except_pass +# B111 : execute_with_run_as_root_equals_true +# B112 : try_except_continue +# B201 : flask_debug_true +# B301 : pickle +# B302 : marshal +# B303 : md5 +# B304 : ciphers +# B305 : cipher_modes +# B306 : mktemp_q +# B307 : eval +# B308 : mark_safe +# B309 : httpsconnection +# B310 : urllib_urlopen +# B311 : random +# B312 : telnetlib +# B313 : xml_bad_cElementTree +# B314 : xml_bad_ElementTree +# B315 : xml_bad_expatreader +# B316 : xml_bad_expatbuilder +# B317 : xml_bad_sax +# B318 : xml_bad_minidom +# B319 : xml_bad_pulldom +# B320 : xml_bad_etree +# B321 : ftplib +# B401 : import_telnetlib +# B402 : import_ftplib +# B403 : import_pickle +# B404 : import_subprocess +# B405 : import_xml_etree +# B406 : import_xml_sax +# B407 : import_xml_expat +# B408 : import_xml_minidom +# B409 : import_xml_pulldom +# B410 : import_lxml +# B411 : import_xmlrpclib +# B412 : import_httpoxy +# B501 : request_with_no_cert_validation +# B502 : ssl_with_bad_version +# B503 : ssl_with_bad_defaults +# B504 : ssl_with_no_version +# B505 : weak_cryptographic_key +# B506 : yaml_load +# B601 : paramiko_calls +# B602 : subprocess_popen_with_shell_equals_true +# B603 : subprocess_without_shell_equals_true +# B604 : any_other_function_with_shell_equals_true +# B605 : start_process_with_a_shell +# B606 : start_process_with_no_shell +# B607 : start_process_with_partial_path +# B608 : hardcoded_sql_expressions +# B609 : linux_commands_wildcard_injection +# B701 : jinja2_autoescape_false +# B702 : use_of_mako_templates + +# (optional) list included test IDs here, eg '[B101, B406]': +tests: + +# (optional) list skipped test IDs here, eg '[B101, B406]': +skips: + +### (optional) plugin settings - some test plugins require configuration data +### that may be given here, per-plugin. All bandit test plugins have a built in +### set of sensible defaults and these will be used if no configuration is +### provided. It is not necessary to provide settings for every (or any) plugin +### if the defaults are acceptable. + +any_other_function_with_shell_equals_true: + no_shell: [os.execl, os.execle, os.execlp, os.execlpe, os.execv, os.execve, os.execvp, + os.execvpe, os.spawnl, os.spawnle, os.spawnlp, os.spawnlpe, os.spawnv, os.spawnve, + os.spawnvp, os.spawnvpe, os.startfile] + shell: [os.system, os.popen, os.popen2, os.popen3, os.popen4, popen2.popen2, popen2.popen3, + popen2.popen4, popen2.Popen3, popen2.Popen4, commands.getoutput, commands.getstatusoutput] + subprocess: [subprocess.Popen, subprocess.call, subprocess.check_call, subprocess.check_output, + utils.execute, utils.execute_with_timeout] +execute_with_run_as_root_equals_true: + function_names: [ceilometer.utils.execute, cinder.utils.execute, neutron.agent.linux.utils.execute, + nova.utils.execute, nova.utils.trycmd] +hardcoded_tmp_directory: + tmp_dirs: [/tmp, /var/tmp, /dev/shm] +linux_commands_wildcard_injection: + no_shell: [os.execl, os.execle, os.execlp, os.execlpe, os.execv, os.execve, os.execvp, + os.execvpe, os.spawnl, os.spawnle, os.spawnlp, os.spawnlpe, os.spawnv, os.spawnve, + os.spawnvp, os.spawnvpe, os.startfile] + shell: [os.system, os.popen, os.popen2, os.popen3, os.popen4, popen2.popen2, popen2.popen3, + popen2.popen4, popen2.Popen3, popen2.Popen4, commands.getoutput, commands.getstatusoutput] + subprocess: [subprocess.Popen, subprocess.call, subprocess.check_call, subprocess.check_output, + utils.execute, utils.execute_with_timeout] +password_config_option_not_marked_secret: + function_names: [oslo.config.cfg.StrOpt, oslo_config.cfg.StrOpt] +ssl_with_bad_defaults: + bad_protocol_versions: [PROTOCOL_SSLv2, SSLv2_METHOD, SSLv23_METHOD, PROTOCOL_SSLv3, + PROTOCOL_TLSv1, SSLv3_METHOD, TLSv1_METHOD] +ssl_with_bad_version: + bad_protocol_versions: [PROTOCOL_SSLv2, SSLv2_METHOD, SSLv23_METHOD, PROTOCOL_SSLv3, + PROTOCOL_TLSv1, SSLv3_METHOD, TLSv1_METHOD] +start_process_with_a_shell: + no_shell: [os.execl, os.execle, os.execlp, os.execlpe, os.execv, os.execve, os.execvp, + os.execvpe, os.spawnl, os.spawnle, os.spawnlp, os.spawnlpe, os.spawnv, os.spawnve, + os.spawnvp, os.spawnvpe, os.startfile] + shell: [os.system, os.popen, os.popen2, os.popen3, os.popen4, popen2.popen2, popen2.popen3, + popen2.popen4, popen2.Popen3, popen2.Popen4, commands.getoutput, commands.getstatusoutput] + subprocess: [subprocess.Popen, subprocess.call, subprocess.check_call, subprocess.check_output, + utils.execute, utils.execute_with_timeout] +start_process_with_no_shell: + no_shell: [os.execl, os.execle, os.execlp, os.execlpe, os.execv, os.execve, os.execvp, + os.execvpe, os.spawnl, os.spawnle, os.spawnlp, os.spawnlpe, os.spawnv, os.spawnve, + os.spawnvp, os.spawnvpe, os.startfile] + shell: [os.system, os.popen, os.popen2, os.popen3, os.popen4, popen2.popen2, popen2.popen3, + popen2.popen4, popen2.Popen3, popen2.Popen4, commands.getoutput, commands.getstatusoutput] + subprocess: [subprocess.Popen, subprocess.call, subprocess.check_call, subprocess.check_output, + utils.execute, utils.execute_with_timeout] +start_process_with_partial_path: + no_shell: [os.execl, os.execle, os.execlp, os.execlpe, os.execv, os.execve, os.execvp, + os.execvpe, os.spawnl, os.spawnle, os.spawnlp, os.spawnlpe, os.spawnv, os.spawnve, + os.spawnvp, os.spawnvpe, os.startfile] + shell: [os.system, os.popen, os.popen2, os.popen3, os.popen4, popen2.popen2, popen2.popen3, + popen2.popen4, popen2.Popen3, popen2.Popen4, commands.getoutput, commands.getstatusoutput] + subprocess: [subprocess.Popen, subprocess.call, subprocess.check_call, subprocess.check_output, + utils.execute, utils.execute_with_timeout] +subprocess_popen_with_shell_equals_true: + no_shell: [os.execl, os.execle, os.execlp, os.execlpe, os.execv, os.execve, os.execvp, + os.execvpe, os.spawnl, os.spawnle, os.spawnlp, os.spawnlpe, os.spawnv, os.spawnve, + os.spawnvp, os.spawnvpe, os.startfile] + shell: [os.system, os.popen, os.popen2, os.popen3, os.popen4, popen2.popen2, popen2.popen3, + popen2.popen4, popen2.Popen3, popen2.Popen4, commands.getoutput, commands.getstatusoutput] + subprocess: [subprocess.Popen, subprocess.call, subprocess.check_call, subprocess.check_output, + utils.execute, utils.execute_with_timeout] +subprocess_without_shell_equals_true: + no_shell: [os.execl, os.execle, os.execlp, os.execlpe, os.execv, os.execve, os.execvp, + os.execvpe, os.spawnl, os.spawnle, os.spawnlp, os.spawnlpe, os.spawnv, os.spawnve, + os.spawnvp, os.spawnvpe, os.startfile] + shell: [os.system, os.popen, os.popen2, os.popen3, os.popen4, popen2.popen2, popen2.popen3, + popen2.popen4, popen2.Popen3, popen2.Popen4, commands.getoutput, commands.getstatusoutput] + subprocess: [subprocess.Popen, subprocess.call, subprocess.check_call, subprocess.check_output, + utils.execute, utils.execute_with_timeout] +try_except_continue: {check_typed_exception: false} +try_except_pass: {check_typed_exception: false} + diff --git a/tests/Makefile b/tests/Makefile index a3b6524..b6cbcc9 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -1,6 +1,9 @@ +SHELL=/bin/bash + help: @echo "test - Run all tests" @echo "test-pylint - Run pylint based tests" + @echo "test-bandit - Run bandit (security) tests" @echo "setup - Install dependencies" test: @@ -9,6 +12,18 @@ test: test-pylint: py.test -k pylint +test-bandit: + # Currently only care about high severity reported issues. Once this is + # reached, go and enable the medium/low checks. + bandit \ + -c ../bandit.yaml \ + -r \ + -f xml -o $$WORKDIR/bandit_results.xml \ + -lll \ + $(realpath ..) \ + $(realpath ..)/{checks,inventory}/* \ + $(realpath ../cmc/) + test-pylint-ci: export TERM="linux" ; \ @@ -29,5 +44,6 @@ setup: beautifulsoup4 \ pytest-stepwise \ dill \ - html5lib + html5lib \ + bandit $(MAKE) -C pylint setup

7 years, 10 months

Minor comment cleanup

by Konstantin Büttner

Module: check_mk Branch: master Commit: bb29040193f3c5bf599cf94762b0d6242b9f44c0 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=bb29040193f3c5… Author: Konstantin Büttner <kb(a)mathias-kettner.de> Date: Mon Nov 7 16:19:53 2016 +0100 Minor comment cleanup --- web/plugins/wato/check_parameters.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/web/plugins/wato/check_parameters.py b/web/plugins/wato/check_parameters.py index 01b5c8e..68b2b14 100644 --- a/web/plugins/wato/check_parameters.py +++ b/web/plugins/wato/check_parameters.py @@ -3990,8 +3990,6 @@ register_check_parameters( # | | __/| | | | | | | |_| | | | | (_| | | # | |_| |_| |_|_| |_|\__|_|_| |_|\__, | | # | |___/ | -# +----------------------------------------------------------------------+ -# | | # '----------------------------------------------------------------------' def transform_printer_supply(l): @@ -4245,8 +4243,6 @@ register_check_parameters( # | | |_| \__ \ | # | \___/|___/ | # | | -# +----------------------------------------------------------------------+ -# | | # '----------------------------------------------------------------------' register_check_parameters(

7 years, 10 months

storcli_pdisks, storcli_vdrives: Now WATO configurable

by Konstantin Büttner

Module: check_mk Branch: master Commit: b5cbcfe903f6087d841ff18e7a91bbd1bb3550fb URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=b5cbcfe903f608… Author: Konstantin Büttner <kb(a)mathias-kettner.de> Date: Mon Nov 7 16:18:46 2016 +0100 storcli_pdisks, storcli_vdrives: Now WATO configurable --- checks/storcli_pdisks | 3 +- checks/storcli_vdrives | 3 +- web/plugins/wato/check_parameters.py | 85 ++++++++++++++++++++++++++++++++++++ 3 files changed, 89 insertions(+), 2 deletions(-) diff --git a/checks/storcli_pdisks b/checks/storcli_pdisks index cce58f6..0ad0464 100644 --- a/checks/storcli_pdisks +++ b/checks/storcli_pdisks @@ -85,5 +85,6 @@ check_info["storcli_pdisks"] = { "parse_function" : parse_storcli_pdisks, "inventory_function" : inventory_storcli_pdisks, "check_function" : check_storcli_pdisks, - "service_description" : "RAID PDisk EID:Slot-Device %s" + "service_description" : "RAID PDisk EID:Slot-Device %s", + "group" : "storcli_pdisks", } diff --git a/checks/storcli_vdrives b/checks/storcli_vdrives index 223e9d8..c5d2886 100644 --- a/checks/storcli_vdrives +++ b/checks/storcli_vdrives @@ -90,5 +90,6 @@ check_info["storcli_vdrives"] = { "parse_function" : parse_storcli_vdrives, "inventory_function" : inventory_storcli_vdrives, "check_function" : check_storcli_vdrives, - "service_description" : "RAID Virtual Drive %s" + "service_description" : "RAID Virtual Drive %s", + "group" : "storcli_vdrives", } diff --git a/web/plugins/wato/check_parameters.py b/web/plugins/wato/check_parameters.py index 19dcd2f..01b5c8e 100644 --- a/web/plugins/wato/check_parameters.py +++ b/web/plugins/wato/check_parameters.py @@ -3897,6 +3897,91 @@ register_check_parameters( "first" ) +register_check_parameters( + subgroup_storage, + "storcli_vdrives", + _("LSI RAID VDrives (StorCLI)"), + Dictionary( + title = _("Evaluation of VDrive States"), + elements = [ + ( "Optimal", + MonitoringState( + title = _("State for Optimal"), + default_value = 0, + )), + ( "Partially Degraded", + MonitoringState( + title = _("State for Partially Degraded"), + default_value = 1, + )), + ( "Degraded", + MonitoringState( + title = _("State for Degraded"), + default_value = 2, + )), + ( "Offline", + MonitoringState( + title = _("State for Offline"), + default_value = 1, + )), + ( "Recovery", + MonitoringState( + title = _("State for Recovery"), + default_value = 1, + )), + ]), + TextAscii( + title = _("Virtual Drive"), + allow_empty = False, + ), + "dict" +) + +register_check_parameters( + subgroup_storage, + "storcli_pdisks", + _("LSI RAID physical disks (StorCLI)"), + Dictionary( + title = _("Evaluation of PDisk States"), + elements = [ + ( "Dedicated Hot Spare", + MonitoringState( + title = _("State for Dedicated Hot Spare"), + default_value = 0, + )), + ( "Global Hot Spare", + MonitoringState( + title = _("State for Global Hot Spare"), + default_value = 0, + )), + ( "Unconfigured Good", + MonitoringState( + title = _("State for Unconfigured Good"), + default_value = 0, + )), + ( "Unconfigured Bad", + MonitoringState( + title = _("State for Unconfigured Bad"), + default_value = 1, + )), + ( "Online", + MonitoringState( + title = _("State for Online"), + default_value = 0, + )), + ( "Offline", + MonitoringState( + title = _("State for Offline"), + default_value = 2, + )), + ]), + TextAscii( + title = _("PDisk EID:Slot-Device"), + allow_empty = False, + ), + "dict" +) + #. # .--Printing------------------------------------------------------------. # | ____ _ _ _ |

7 years, 10 months

← Newer
1
...
21
22
23
24
25
26
27
...
30
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Checkmk git commits November 2016